33.3 Configuring Event Visualizations

Sentinel provides event visualizations that present data in charts, tables, and maps. These visualizations make it easier to analyze large volumes of data such as events, IP Flow events, and alerts. You can also create your own visualizations and dashboards.

Sentinel leverages OpenSearch Dashboards, a browser-based analytics and search dashboard that helps you search and visualize events. OpenSearch Dashboards accesses data from the visualization data store (OpenSearch) to present events in dashboards. By default, Sentinel includes an OpenSearch node. You must enable event visualization to store and index events in OpenSearch. For more information, see Configuring the Visualization Data Store.

NOTE: After upgrading to 8.6, the new OpenSearch will not have any older data. If you want to forward the older data to OpenSearch, you can do so using the data uploader tool. Do this after the connection between all the nodes is made and both OpenSearch and OpenSearch Dashboards are running. For more information, see Migrating Data.